‘Socialbots’ pose IT security threat on campuses

By Dennis Carter, Assistant Editor

November 3rd, 2011

Socialbots had an 80 percent success rate during the two-month experiment.

University of British Columbia (UBC) Vancouver researchers unleashed an army of more than 100 socialbots—technology that poses as people on social networks—and harvested personal information from 3,000 Facebook users, demonstrating how vulnerable campus networks are to attacks through social media sites.

In “The Socialbot Network,” released Nov. 1, a group of UBC researchers claim they used a cluster of fake Facebook accounts to obtain more than 250 gigabytes of personal information from Facebook users who accepted friend requests from socialbots during the two-month experiment.

The socialbots have profile pictures, personal information, and posts like any other regular Facebook regular.

But instead of proposing a friend request and interacting with friends and colleagues, the bots exist only to scan Facebook profiles for personal eMail addresses, phone numbers, marital status, instant messenger accounts, addresses, and personal preferences.

“A successful infiltration can result in privacy breaches where even more users’ data are exposed when compared to a purely public access,” the researchers wrote.

Socialbots deployed by the UBC researchers, which used quotes from the site iheartquotes.com as status updates to simulate a real person, infiltrated Facebook accounts in 80 percent of their attempts.

The researchers launched each socialbot account in part by using temporary eMail addresses from 10minutemail.com as a registration eMail account required to start a Facebook profile. Photos were chosen for each socialbot account through the site hotornot.com, where users rate each others’ “hotness.”

Despite its Facebook Immune System (FIS), the 800-million member social network might not have sufficient defenses for socialbots posing as people, according to the report.

FIS, the report charges, is “not effective enough in detecting or stopping a large-scale infiltration as it occurs.”